data protection officer

Contact

Dr. Pőcze Péter László

9026 Győr, Egyetem tér 1.

+3696/503-400  3173 extension

adatvedelem@sze.hu

contact details management

Information on data management

  1. Data Controller:

Széchenyi István University (hereinafter referred to as: University)
address: 1 Egyetem tér, Győr 9026, Hungary

email: sze@sze.hu

phone: +36(96) 503-400

website: ddc.sze.hu

  1. Applicable laws regarding data processing:

– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC
Act CXII of 2011 on informational self-determination and freedom of information;

Act CCIV of 2011 on national higher education

  1. Subject and data subjects of the data processing:

– Subject of the data processing: “Management of contact data”
Data subjects: contractual parties designated as contact persons or involved in the performance of the contract in any other way; persons designated as performance certifiers or involved in the performance of the contract in any other way by the data controller (employee)

  1. Scope of processed data, purpose, duration, legal basis, source of data
  • Scope of processed data
    – Contact data (name, phone number, email address)
  • Purpose of data processing
    – The purpose of data processing is to verify, as necessary, the validity of declarations, documents, instructions made or issued within the framework of the contract, ensure the possibility of contact and communication, perform general administrative tasks related to the contract, enforce and fulfill rights and obligations arising from the contract, confirm performance, and assert other claims.
  • Legal basis of data processing
    – Article 6(1)(f) of the GDPR
  • Duration of data processing
    Until the end of the validity of the contract plus 5 years
  1. Recipients of data

Employees of the data controller who, based on their job duties, have tasks related to the performance of the contract, have access to the personal data of the data subjects.

  1. Data transmission, data processing

The University transmits personal data to third parties only in exceptional cases, with the permission of the law or the consent of the data subject. The University does not use data processors for this data processing.

  1. Data security measures:

The University ensures the adequate security of personal data by implementing appropriate technical or organizational measures, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage of data.

  1. Your rights regarding data processing:

Your data protection rights and remedies, as well as their limitations, are detailed in the GDPR (especially Articles 15, 16, 17, 18, 19, 21, 22, 77, 78, 79, and 82). You have the right to request information about your data, request correction, deletion, or restriction of processing of your data, object to processing based on legitimate interests.
You can exercise your rights regarding your data through the following contact information:

email: adatvedelem@sze.hu

tel.: +36 30 503-400

in person: 1 Egyetem tér, Győr 9026, Hungary

Name of Data Protection Officer: Dr. Péter Pőcze

Contact information of Data Protection Officer: adatvedelem@sze.hu

-Right to information:

You have the right to request information in writing about the processing of your personal data, including:

what personal data we process

on what legal basis we process your personal data

for what purpose we process your personal data

from what source we process your personal data

how long we process your personal data

what rights regarding data processing you are entitled to

whether we transmit your personal data, and if so, to whom

-Right to rectification:

You have the right to request the University to rectify inaccurate personal data concerning you.

-Right to erasure:

You can request the University in writing to delete your personal data. This provision does not apply if the processing of personal data is necessary to fulfill a legal obligation applicable to the University or for the establishment, exercise, or defense of legal claims.

-Right to restriction of processing:

Upon the written request of the data subject, the data controller restricts processing if one of the following conditions applies:

  1. a) the data subject disputes the accuracy of the personal data, in which case the restriction applies for the period allowing the data controller to verify the accuracy of the personal data;
  2. b) the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
  3. c) the data controller no longer needs the personal data for the purposes of the processing, but the data subject requires them for the establishment, exercise, or defense of legal claims.

In the request for restriction of processing, it must also be indicated for which reason the restriction is requested.
-Right to object:

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data based on legitimate interests. The University examines the processing based on legitimate interests concerning you, and if your objection is justified, we will erase your personal data. We will inform you of the outcome of the investigation in all cases.

-Right to withdraw consent:

You may withdraw your consent to data processing at any time; if you withdraw your consent, you may also request the deletion of your uploaded data. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

-Common rules for exercising rights:

The University shall provide information on the measures taken on your request without undue delay and in any event within one month of receipt of the request, in writing and in a transparent manner, and the reasons for the action taken or not taken. If necessary, considering the complexity and number of requests, this deadline may be extended by two months.

  1. Your legal remedies

If you believe that the data processing is unlawful, you can turn to the National Authority for Data Protection and Freedom of Information (NAIH) or to the court as follows:

-Submission of a complaint to the authority

If you believe that a breach of data protection laws has occurred concerning the processing of your personal data, or there is an immediate threat of such a breach, you can initiate an investigation with the supervisory authority:

Contact details of NAIH:

  • Address:
    1055 Budapest, Falk Miksa utca 9-11
  • Mailing address:
    1363 Budapest, Pf.: 9.
  • Phone number:
    +36 (1) 391-1400
  • Fax:
    +36 (1) 391-1400
  • Email:
    ugyfelszolgalat@naih.hu
  • Website:
    https://naih.hu

-Legal remedy before the court

If you observe unlawfulness in the processing of your personal data, you can initiate a civil lawsuit against the data controller. Such lawsuits fall within the jurisdiction of the courts in Hungary. You can find information about the jurisdiction and contact details of the courts on the following website: www.birosag.hu

data protection officer

Contact

Dr. Pőcze Péter László

9026 Győr, Egyetem tér 1.

+3696/503-400  3173 extension

adatvedelem@sze.hu

contact details management

Information on data management

  1. Data Controller:

Széchenyi István University (hereinafter referred to as: University)
address: 1 Egyetem tér, Győr 9026, Hungary

email: sze@sze.hu

phone: +36(96) 503-400

website: ddc.sze.hu

  1. Applicable laws regarding data processing:

– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC
Act CXII of 2011 on informational self-determination and freedom of information;

Act CCIV of 2011 on national higher education

  1. Subject and data subjects of the data processing:

– Subject of the data processing: “Management of contact data”
Data subjects: contractual parties designated as contact persons or involved in the performance of the contract in any other way; persons designated as performance certifiers or involved in the performance of the contract in any other way by the data controller (employee)

  1. Scope of processed data, purpose, duration, legal basis, source of data
  • Scope of processed data
    – Contact data (name, phone number, email address)
  • Purpose of data processing
    – The purpose of data processing is to verify, as necessary, the validity of declarations, documents, instructions made or issued within the framework of the contract, ensure the possibility of contact and communication, perform general administrative tasks related to the contract, enforce and fulfill rights and obligations arising from the contract, confirm performance, and assert other claims.
  • Legal basis of data processing
    – Article 6(1)(f) of the GDPR
  • Duration of data processing
    Until the end of the validity of the contract plus 5 years
  1. Recipients of data

Employees of the data controller who, based on their job duties, have tasks related to the performance of the contract, have access to the personal data of the data subjects.

  1. Data transmission, data processing

The University transmits personal data to third parties only in exceptional cases, with the permission of the law or the consent of the data subject. The University does not use data processors for this data processing.

  1. Data security measures:

The University ensures the adequate security of personal data by implementing appropriate technical or organizational measures, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage of data.

  1. Your rights regarding data processing:

Your data protection rights and remedies, as well as their limitations, are detailed in the GDPR (especially Articles 15, 16, 17, 18, 19, 21, 22, 77, 78, 79, and 82). You have the right to request information about your data, request correction, deletion, or restriction of processing of your data, object to processing based on legitimate interests.
You can exercise your rights regarding your data through the following contact information:

email: adatvedelem@sze.hu

tel.: +36 30 503-400

in person: 1 Egyetem tér, Győr 9026, Hungary

Name of Data Protection Officer: Dr. Péter Pőcze

Contact information of Data Protection Officer: adatvedelem@sze.hu

-Right to information:

You have the right to request information in writing about the processing of your personal data, including:

what personal data we process

on what legal basis we process your personal data

for what purpose we process your personal data

from what source we process your personal data

how long we process your personal data

what rights regarding data processing you are entitled to

whether we transmit your personal data, and if so, to whom

-Right to rectification:

You have the right to request the University to rectify inaccurate personal data concerning you.

-Right to erasure:

You can request the University in writing to delete your personal data. This provision does not apply if the processing of personal data is necessary to fulfill a legal obligation applicable to the University or for the establishment, exercise, or defense of legal claims.

-Right to restriction of processing:

Upon the written request of the data subject, the data controller restricts processing if one of the following conditions applies:

  1. a) the data subject disputes the accuracy of the personal data, in which case the restriction applies for the period allowing the data controller to verify the accuracy of the personal data;
  2. b) the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
  3. c) the data controller no longer needs the personal data for the purposes of the processing, but the data subject requires them for the establishment, exercise, or defense of legal claims.

In the request for restriction of processing, it must also be indicated for which reason the restriction is requested.
-Right to object:

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data based on legitimate interests. The University examines the processing based on legitimate interests concerning you, and if your objection is justified, we will erase your personal data. We will inform you of the outcome of the investigation in all cases.

-Right to withdraw consent:

You may withdraw your consent to data processing at any time; if you withdraw your consent, you may also request the deletion of your uploaded data. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

-Common rules for exercising rights:

The University shall provide information on the measures taken on your request without undue delay and in any event within one month of receipt of the request, in writing and in a transparent manner, and the reasons for the action taken or not taken. If necessary, considering the complexity and number of requests, this deadline may be extended by two months.

  1. Your legal remedies

If you believe that the data processing is unlawful, you can turn to the National Authority for Data Protection and Freedom of Information (NAIH) or to the court as follows:

-Submission of a complaint to the authority

If you believe that a breach of data protection laws has occurred concerning the processing of your personal data, or there is an immediate threat of such a breach, you can initiate an investigation with the supervisory authority:

Contact details of NAIH:

  • Address:
    1055 Budapest, Falk Miksa utca 9-11
  • Mailing address:
    1363 Budapest, Pf.: 9.
  • Phone number:
    +36 (1) 391-1400
  • Fax:
    +36 (1) 391-1400
  • Email:
    ugyfelszolgalat@naih.hu
  • Website:
    https://naih.hu

-Legal remedy before the court

If you observe unlawfulness in the processing of your personal data, you can initiate a civil lawsuit against the data controller. Such lawsuits fall within the jurisdiction of the courts in Hungary. You can find information about the jurisdiction and contact details of the courts on the following website: www.birosag.hu